[rspec-users] Where to spec authentication and roles-based permissions?
matt at mattwynne.net
Fri May 8 08:57:22 EDT 2009
On 8 May 2009, at 10:33, doug livesey wrote:
> Hi -- I'm writing an app that both requires authentication via a
> logon, and also has roles-based permissions (using acl_system2), and
> was wondering where to verify that both are happening.
> I've started out putting them in a special cucumber feature for
> authentication & permissions, but this is becoming a real drag, as
> I'm writing a scenario for each case (anonymous, lacking
> permissions, permitted) by each controller action.
> Can anyone advise me on a better way to organise this?
Have you seen Scenario Outlines? I think this is exactly kind of stuff
that should be surfaced in a Cucumber test, but you need to organise
your steps to facilitate that. Tools like Scenario Outline really help.
More information about the rspec-users